pcap / winpcap filters

["marco\@marcomp\.it" <marco () marcomp it>]

     I need to filter some traffic (before capturing it) using the pcap / winpcap filter but this traffic comes from 
some different subnet ( different from my eth interface subnet ).
So if I apply a filter the pcap show me the packet that can lookup on my eth interface only ...
How can I get the filtered traffic that comes from "everywhere" (0.0.0.0/0) ?

I need to filter the data traffic before sending it to whireshark because I only need to check the DNS and SIP traffic 
for a long time ( may be for more than 1 week )... so I don't want to store Gbyte and Gbyte of not helpful data on my 
pc.....

Have you any suggestion ?


Marco

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe